3 matches found
CVE-2025-48373
Schule has a client-side RBAC bypass prior to version 1.0.1: the app trusts data.role in the browser to redirect users to panels, allowing an attacker to set data.role to values like “admin” and access restricted areas. The root cause is insecure client-side role handling. Affected: Schule open-s...
CVE-2025-48372
Schule before version 1.0.1 uses generateOTP() to create a 4-digit numeric OTP, yielding a small keyspace (1000–9999, i.e., 9000 possibilities) that is vulnerable to brute-force attacks if rate-limiting or lockout is absent. The issue is fixed in version 1.0.1. Connected sources corroborate the a...
CVE-2025-48375
CVE-2025-48375 concerns Schule, an open-source school management system. Prior to version 1.0.1, the endpoint responsible for email-based OTP generation (forgot_password.php) lacks proper rate limiting, enabling abuse of the OTP request function. This can lead to excessive OTP emails, risking den...